RenderSVGRoot extends RenderReplaced and it overrides the computeIntrinsicRatioInformation()
method of RenderReplaced. RenderSVGRoot::computeIntrinsicRatioInformation
sets isPercentageIntrinsicSize to true while it handles width and height of percentage types.
So this assertion should be fired only if intrinsicRatio is non-zero.

Currently we call a native function from the JIT code to complete the
"round" and "floor" operations. We could inline some fast paths
especially for those positive values on the platforms where floating
point truncation is supported.
This brings 3% gain on Kraken, especially 32% on audio-oscillator,
and slight win on SunSpider, measured on IA32.

This is rarely used, and not performance critical (the commonly accessed copy is cached on JSFunction),
and most objects don't need an inheritorID (this value is only used if the object is used as a prototype).
Instead use a private named value in the object's property storage.

Soon we hope to have renderers not manage there own memory allocation limits, and rely exclusively on the
allocation given by GpuMemoryManager. However, when the graphics context does not support the
GL_CHROMIUM_gpu_memory_manager extension, such as the one used by DumpRenderTree, we must default the
memory allocation limit to some non-0 value.

Functions are removed from GraphicsContext3DQt that already implemented
in GraphicsContext3DCommon. Macros that not supported at GLES have been
changed to their appropriate pair that found in GraphicsContext3D
(e.g. GL_FRAMEBUFFER_EXT to GraphicsContext3D::FRAMEBUFFER).
It was needed because OpenGLES does not support these macros.
Extensions3DQt is removed beceause it has never been used.
Some functions have been moved fron GraphicsContext3DCommon to *OpenGL
and *OpenGLES to provide specialization.
The "m_depthStencilBuffer" member is added to Qt port because it uses
"m_depthStencilBuffer" like the other platforms.

Changes to make media controls larger in fullscreen mode. The
BlackBerry media controls used to be sized by a combination
of CSS styles specified in mediaControlsBlackBerry.css and
hard coded constants in RenderThemeBlackBerry.cpp. This patch
moves all the dimensional sizes to a common location, i.e.
RenderThemeBlackBerry.cpp. Having all the logic in C++ code allows
more complex decision making for when and how much to enlarge the
media controls. Currently the controls are enlarged by a factor
of 2 if the document is in fullscreen mode, the video element
is the current fullscreen element, and the deviceScaleFactor of
the page is less than 2.0. This avoids overly large controls
on pages which are already at least doubling the size of the
controls via viewport meta tag device-width settings. In other
words, if the CSS pixels are already enlarged compared to device
pixels by a factor of at least 2 in length and width.

In order to accomplish this, I had to add a new Element* parameter
to RenderTheme::adjustSliderThumbSize(). This is needed so
that fullscreen mode can be checked and the deviceScaleFactor
retrieved. I feel that this does not have a big impact on the
code and the other ports, for which I will simply be adding the
additional parameter in their platform code.

This patch introduced InputNumber type as alias of double to be
replaced to Decimal and convertDoubleToInputNumber and
convertToInputNumberToDouble for reducing size of patch when we
introduce Decimal type.

This patch added new vairables to use const variable to reduce
copy operation when introducing Decimal type.

In the implementation, we use InputNumber, will be Decimal, however some methods in IDL
use double. To clarify internal usage of value and external usage, thit patch renamed
following functions:

Avoid creating compositing layers, and therefore using excess backing store,
for elements that have -webkit-transform-style: preserve-3d, but no 3D-transformed
descendants that would be affected by that preserve-3d.

Test: compositing/layer-creation/no-compositing-for-preserve-3d.html

rendering/RenderLayer.h: Replace the "mustOverlap" flag with a enum

that describes the different reasons for indirect compositing, so that
we can use that information to decide whether to allocate backing store.
(WebCore::RenderLayer::setIndirectCompositingReason):
(WebCore::RenderLayer::indirectCompositingReason):
(WebCore::RenderLayer::mustCompositeForIndirectReasons):

rendering/RenderLayerCompositor.h: New out param for computeCompositingRequirements()

that is uses to indicate that a 3d-transformed descendant has been encountered.
Rename requiresCompositingWhenDescendantsAreCompositing() to requiresCompositingForIndirectReason(),
and return the reason as an out param.

rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateCompositingLayers): Pass in the saw3DTransform
param to computeCompositingRequirements().
(WebCore::RenderLayerCompositor::computeCompositingRequirements): Return a flag
from computeCompositingRequirements() that is set to true if we've seen descendants
that have 3d transforms. This is later used to decide whether to composite for
perspective or preserve-3d.
Change the "mustOverlapCompositedLayers" code to use the new "indirect compositing"
enum flags.
After enumerating children, call requiresCompositingForIndirectReason() and
record the reason in the layer.
(WebCore::RenderLayerCompositor::needsToBeComposited): Use mustCompositeForIndirectReasons() now.
(WebCore::RenderLayerCompositor::requiresOwnBackingStore): Consult the indirect compositing
reason rather than just looking for the overlap flag.
(WebCore::RenderLayerCompositor::reasonForCompositing): Now that we have more information
about indirect compositing reasons, the logging can be more detailed.
(WebCore::RenderLayerCompositor::requiresCompositingForTransform): This now only looks
for 3d transforms. We now treat perspective and perserve-3d as "indirect" reasons, because
whether they composite depends on descendants having non-affine transforms.
(WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason): Includes the logic
previously in requiresCompositingWhenDescendantsAreCompositing(), and now determines
whether to composite for preserve-3d and perspective, based on whether we have transformed descendants.

LayoutTests:

Reviewed by Antti Koivisto.

compositing/backing/no-backing-for-perspective-expected.txt:

compositing/backing/no-backing-for-perspective.html: Change the transform to be non-affine so that

Fixes for selection painting in both inline line heights and block gaps. We were unintentionally
flooring inline and block offsets in RenderBlock, but actually need to intentionally floor the
logical left and right values in logical(Left|Right)SelectionGap to properly align our block
selection gaps. This is to properly mirror the behavior in pixelSnappedLogicalRightOffsetForLine.

We were also unintentionally upcasting LayoutUnits to floats in InlineTextBox's selection painting
routine. Now we're properly rounding.

The target-densitydpi parameter was originally implemented on Android,
but it does not appear to be widely used and introduces significant
implementation complexity because it forces us to track three scale
factors (defaultDeviceScaleFactor, deviceScaleFactor, and
pageScaleFactor) rather than just two (deviceScaleFactor and
pageScaleFactor).

There don't appear to be many web sites that use target-densitydpi
because it is not supported on iOS. There are also concerns from the
standards community about the design of the feature. It seems our best
course of action is to remove target-densitydpi and address these use
cases via other mechanisms, such as responsive images and device units
in CSS because those approaches are likely to be implemented broadly.

There was a bunch of inconsistent logic for handling path
conversions for win32 and cygwin paths due to us sometimes
looking at sys.platform and sometimes using mock hosts. This
patch cleans everything up so that we are required to pass
PlatformInfo objects to the path module and stop trying to do
different things when running on cygwin or win32 hosts (except
in the path_unittest module itself).

This may slightly reduce test coverage for the win32 code paths
but will be a lot easier to follow and maintain.

For expediency, we still want testers to pick the latest build to test, but to ensure
that the builders are reporting the correct revision number, we should let the building bots
run as they normally would. That is, the builder picks the oldest revision, and merges
subsequent requests. Because merged requests get appended to the list of changes for a given
build, the last change in that list is also the latest change. When we used pickLatestBuild
for the builders, this was not the case (it would always report the penultimate change).

Interpreter::execute() returns jsNull() right now if we try to enter it while
the Heap is busy (e.g. with a collection), which is okay, but some code paths
that call Interpreter::execute() allocate objects before checking if the Heap
is busy. Attempting to execute JS code while the Heap is busy should not be
allowed and should be enforced by a release-mode CRASH() to prevent vague,
unhelpful backtraces later on if somebody makes a mistake. Normally, recursively
executing JS code is okay, e.g. for evals, but it should not occur during a
Heap allocation or collection because the Heap is not guaranteed to be in a
consistent state (especially during collections). We are protected from
executing JS on the same Heap concurrently on two separate threads because
they must each take a JSLock first. However, we are not protected from reentrant
execution of JS on the same thread because JSLock allows reentrancy. Therefore,
we should fail early if we detect an entrance into JS code while the Heap is busy.

heap/Heap.cpp: Changed Heap::collect so that it sets the m_operationInProgress field

at the beginning of collection and then unsets it at the end so that it is set at all
times throughout the duration of a collection rather than sporadically during various
phases. There is no reason to unset during a collection because our collector does
not currently support running additional JS between the phases of a collection.
(JSC::Heap::getConservativeRegisterRoots):
(JSC::Heap::markRoots):
(JSC::Heap::collect):

interpreter/Interpreter.cpp:

(JSC::Interpreter::execute): Crash if the Heap is busy.

runtime/Completion.cpp: Crash if the Heap is busy. We do it here before we call

Interpreter::execute() because we do some allocation prior to calling execute() which
could cause Heap corruption if, for example, that allocation caused a collection.
(JSC::evaluate):

Previously, the code used border-box everywhere except for one place
where it used content-box when setting the override size. Conversely,
it subtracted the borderAndPaddingSize everywhere it grabbed the override
size except for one.

Instead, make the override size override the content-box size.
Converging on using the border-box size would be tricky given RenderTableCell's
tricky management of intrinsic padding.

There is no behavior change except in RenderBox::availableLogicalHeightUsing,
which fixes a table test.

refresh() and initPlugins() should call into PluginStrategy even if
ENABLE(NETSCAPE_PLUGIN_API) is false. Some ports support non-Netscape
plug-ins, so PluginStrategy should be consulted even if Netscape
plug-ins specifically are disabled.

Ports that support platform strategies but not Netscape plug-ins should
handle this inside their PluginStrategy rather than modifying generic
plug-in code.

The serialized node structure currently holds an index
of its first containment edge in the edges array.
The index can be quite big (up to 7 digits for large snapshots).
The patch changes the serialization format to pass
node containment edge count instead. For most nodes the count
is just a single digit number.
This reduces serialized snapshot size and therefore its transfer time.

Qt Quick sequentially set the x, y, width, height of the view. We really want to
start propagating further when the size of the viewport becomes valid, i.e. both
height and width are defined. In any case lower level classes are discarding an empty
size such as WebPage::sendViewportAttributesChanged() so it was pointless to send the size
through the IPC bus for nothing.

Add an API for retreieving each character bounds in composition text.
This API is necessary for implementing IMR_QUERYCHARPOSITION message in Windows.
The message is used by Japanese IME for showing their window at the correct position.

When two adjacent table row groups (thead, tbody, tfoot) have the same border-width
and the same border-style in a 'border-collapse: collapse' table the color of the border
from the top-most table row wins.

Tests: fast/table/border-collapsing/adjacent-row-groups-multi.html

fast/table/border-collapsing/adjacent-row-groups.html

rendering/RenderTable.cpp:

(WebCore::RenderTable::paintObject):
Currently each row group is sent for paint from top (firstChild) to bottom thereby causing
the borders of the bottom-most row group (which is painted last) to overlap over the
previous row-group. This breaks the precedence for collapsed borders between adjacent cells.

This fix thus reverses the order in which the row-groups/sections are passed for painting.
Additional change has been done to iterate over the RenderTableSections directly.

(WebCore):
(WebCore::RenderTable::bottomSection):

rendering/RenderTable.h:

New function has been added to obtain the last section of the table.

(RenderTable):

rendering/RenderTableSection.h:

(RenderTableSection):
RenderTableSection's paint() method has now been made public so as to make it accessible
from RenderTable.

LayoutTests:

css2.1/20110323/border-conflict-element-021a-expected.html: Added.

css2.1/20110323/border-conflict-element-021a.htm: Added.

Added ref test under the css2.1 test-suite for border-conflict-element-021a.

Added ref test for verifying 'border-collapse: collapse' table rendering when two
adjacent table row-groups have the same border-width and the same border-style. In
such a case the color of the border from the top-most table row-group wins.

This fixes a crash problem which could happen when the constructor is
given an array which contains String-type item(s).

There're still some Text mismatches between v8 results and
JSC results, most of them are v8 not throwing exception
when it is given an object whose toString() method throws
exception. (The issue will be addresse in a separate patch.)

This patch removes SelectorDataList::size() and
SelectorDataList::SelectorDataList().
SelectorDataList::size() is not used by anybody.
SelectorDataList::SelectorDataList() can be auto-generated
by a compiler.

Include WKGeolocationPermissionRequest.h in WebKitPrivate.h, so we
can use it from the new WebKitGeolocationPermissionRequest class.

UIProcess/API/gtk/WebKitPrivate.h: Added new include.

Implement geolocation permission requests in the UI client.

UIProcess/API/gtk/WebKitUIClient.cpp:

(decidePolicyForGeolocationPermissionRequest): Create a new
instance of the WebKitGeolocationPermissionRequest class and call
to webkitWebViewMakePermissionRequest().
(attachUIClientToView): Provide an implementation function for
decidePolicyForGeolocationPermissionRequest.

UIProcess/API/gtk/WebKitWebView.h: Add new element to

WebKitPermissionRequestType enumeration for geolocation requests.

UIProcess/API/gtk/webkit2.h: Added header file for

WebKitGeolocationPermissionRequest

New unit tests to test allowing and denying permission requests.

UIProcess/API/gtk/tests/TestWebKitWebView.cpp:

(testWebViewPermissionRequests): New test that loads a simple HTML
with JavaScript code requesting the current location.
(beforeAll): Added new test.

Updated documentation files.

UIProcess/API/gtk/docs/webkit2gtk-docs.sgml:

UIProcess/API/gtk/docs/webkit2gtk-sections.txt:

Tools:

Make minibrowser connect to the new 'permission requests' signal
to allow users handle the Geolocation permission requests.

MiniBrowser/gtk/BrowserWindow.c:

(geolocationRequestDialogCallback): Callback for the dialog asking
the user for allowing or not geolocation permission requests.
(webViewDecidePermissionRequest): Launch a dialog to ask the user
whether to allow or deny geolocation permission requests.
(browserWindowConstructed): Connect to 'permission-request' signal.

If we have definitions of functions with RefPtr<> in EmptyClients.h like

virtual void runOpenPanel(Frame*, PassRefPtr<FileChooser>) { }

and a source file includes EmptyClient.h, the source file needs to
include FileChooser.h though the source file doesn't use FileChooser
class explicitly because the definition of runOpenPanel() needs to call
FileChooser::deref().
To avoid this, we had better move such functions to EmptyClients.cpp.

Add HarfBuzz-ng text shaper.
Chromium mac port uses it as secondary text shaper to support OpenType features.
HarfBuzz-ng is only used when -webkit-font-feature-settings is specified and
corresponding font is not an AAT font.

No new tests. css3/font-feature-settings-rendering.html should pass on Chromium mac port.

This patch adds a setting analogous to deviceSupportsTouch to determine
whether the device supports mouse. We then don't dispatch fake mouse
events on devices that don't have a mouse in the first place.

In r118562 I made the ClipRectsCache use RefPtr<ClipRects>. However, ClipRects
was initialized with m_refCnt=0, not 1 as adoptRef() and friends expect. Also,
there was a manual ref() in RenderLayer::updateClipRects() which this patch removes.

(WebCore::LineWidth::computeAvailableWidthFromLeftAndRight):
(WebCore::LineWidth::updateAvailableWidth):
Change LineWidth left/right to floating point and instead of rounding the
left and right edge separately.

Start skipping all the failing tests on Windows to get the bots greener.

At this point it doesn't make sense to try to split the hundreds of failures out into
separate bugs and rebaseline. It makes more sense to use the Skipped list as a todo list
of things that need to be checked / updated for Windows.

This patch added checking of "option" element for CSS pseudo class :enabled as same as
:disabled to selector checker. Before r111497, it was done by using isFormControlElement.
After that revision, HTMLOptionElement was no longer derived from HTMLFormControlElement.

Test: fast/form/select/optgroup-rendering.html

css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkOneSelector): Checking element is option element as same
as PseudoDisabled in PseudoEnabled case.

When prepareToDraw fails it explicitly calls setNeedsCommit, but the
scheduler already takes care of this for it. When a frame is not
successfully drawn, the scheduler state machine sets the needsCommit
bit itself.

This behaviour is covered by CCSchedulerStateMachineTest.TestFailedDrawSetsNeedsCommitAndDoesNotDrawAgain

WebSocket send operation requires super linear time to send data
against data size. This is because removing sent data in Vector<char>
always requires data copy.
Introduced wtf/StreamBuffer realizes O(n) buffer operations.
This patch is only for optimization. No new tests are needed.

The failing http_server test was improperly suppressed (the
tuple was missing a comma, and so wasn't a tuple at all, just a
string) and so we were skipping *all* tests on win32. The right
way to skip a single test is to disable it inside the test
itself.

Make the enabled profiler a member of JSGlobalData, and switch code that accesses it to do so directly
via the JSGlobalData, rather than holding a Profiler reference to it. Do not pass the Profiler
reference to JIT code. This patch does not change the stack layout on entry into JIT code (passing an
unused void* instead), since this is an intrusive change better handled in a separate patch.

Fixed arguments simplification for direct accesses to the arguments register, which may
arise if CSE had not run. Fixed CSE so that it does run prior to arguments simplification,
by making it a full-fledged member of the fixpoint. Fixed other issues in arguments
simplification, like realizing that it needs to bail if there is a direct assignment to
the arguments register, and failing to turn CreateArguments into PhantomArguments. Also
fixed CSE's handling of store elimination of captured locals in the presence of a
GetMyArgumentByVal (or one of its friends), and fixed CSE to correctly fixup variables at
tail if the Flush it removes is the last operation on a local in a basic block.

CCVideoLayerImpl has a pointer to its CCLayerTreeHostImpl which is never
set to be non-null currently. Instead of making this a special case, we
move the CCLayerTreeHostImpl* up to the CCLayerImpl base class, and set
the pointer on every layer during commit via the TreeSynchronizer's walk
through the layer tree.

Updated CCDamageTrackerTest.verifyDamageForPerspectiveClippedLayer
so that the test is clearer and cleaner. The original test was
covering what it needed, but in a confusing and not-so-practical
way. This patch adds comments and performs a tighter test so that
the intent is a bit more clear.

The change in r111742 completely ignored border-sizing (following the table's code lead unfortunately).
The issue is that we would count the borders and paddings twice for the border-box case which would lead
to the content-box including them too. From a web-author, this behavior is equivalent to ignoring box-sizing.

rendering/FixedTableLayout.cpp:

(WebCore::FixedTableLayout::calcWidthArray):
Reworked the function to properly use computeBorderBoxLogicalWidth() for correctness. This matches
what RenderBox and the rendering code does generally. Also refactored the code to avoid the need
for local variables and make it more readable.

Take advantage of the fact that we know at ElementAttributeData construction time how many attributes
it needs to accomodate and allocate exactly as much space as needed instead of using a Vector.
For elements that never have their attribute list mutated (the vast majority), this saves a lot of
memory and removes the indirection to Vector<Attribute>'s heap-allocated storage.

Introduced a mutability flag to ElementAttributeData and sprinkled assertions all over to make sure
that nothing tries to mutate an element with a raw attribute array.

When an Element's attribute(s) are mutated, we reconstruct the ElementAttributeData, this time using
a Vector as backing instead. This is triggered when calling Element::mutableAttributeData().

This reduces memory consumption by 3.2MB when viewing the full HTML5 spec at <​http://whatwg.org/c/>.
This is a 35% reduction in DOM attribute memory use.

Furthermore, that page ends up promoting 27% of the elements to mutable attribute storage due to dynamic
adding of "class" attributes. For more static pages, savings are even greater.

This patch is partly renaming, partly moving data into CCRenderPass
and CCRenderPassDrawQuad. LayerRendererChromium should accept as input
a set of RenderPasses and this should be sufficient for drawing. It
should have no notion of RenderSurfaces at all.

First, what isn't done: RenderSurfaces still hold the textures
where RenderPasses are drawn to/from, so that these textures can
persist across frames. This will be addressed separately.

Otherwise, this completely removes the concept of RenderSurface from
LayerRenderChromium and the CCDrawQuad, replacing it with RenderPass.
The "renderSurfaceTextureManager" is renamed to the "implTextureManager"
and like-wise for the TextureAllocator, as these are not used
exclusively for render surfaces (passes), and a texture manager for
render passes that does not require a RenderSurface* will be the focus
of future changes.

move its children to the clone and later call updateBeforeAfterContent
on the parent. So, we stop accessing its member variables and cache
it in a local.

Positioned objects were not getting cleared from our grand parents.

This will happen if our immediate children got moved to a clone tree,
however at our parent nothing was moved. So, we make sure to remove
the positioned objects at every level while we are doing the cloning.

This test was still using start/end for align-self, which fallback
to stretch. The test still passed because it is testing that all
values of align-self behave the same and stretch produced the same
behavior as flex-start/flex-end.

Performing scissorRect computation during
calculateRenderPasses. Storing scissorRect in shared quad state
instead of computing it during drawQuad. Added scissorRect fields
into layers and render surfaces.

When the source rectangle argument to drawImage is not entirely
contatained by the domain of the source image, the source rectangle
is clipped, and the destination rectangle is clipped proportionately
Old behavior was to silently fail, which did not comply with the spec.

Adding a new layout test that verifies that the source and destination
rectangle arguments to drawImage are properly clipped when the source
rectangle is not entirely contained whithin the domian of the source
image. Tests image to canvas draws and canvas to canvas draws.

When calculating the CTM for a rect or path in a pattern we need to use
an SVGPatternElement's local transform. Pattern did not expose the transform
because it does not extend from from SVGStyledLocatable or SVGStyledTransformable.
This patch exposes the pattern's transform in localCoordinateSpaceTransform.

SVGGradientElement does not need this special handling because the children
of a gradient element are restricted to not include shape and structural elements
that would need to calculate a CTM.

Before this patch the added test would assert.
This patch is a prerequisite to a major refactoring of RenderSVGShape &
friends, and the test will be unskipped in a followup patch.

Refactor the tap gesture recognizer so that its internal state machine is
self contained and independent of input event types.
Also change the internal API for tap highlighting to make the code easier
to understand on the caller side.

This patch makes the tap gesture recognizer more robust, consistent with
other gesture recognizers and fixes some issues related to highlighting
and link activation with respect to native touch events.

This patch fixes invalid handling of return value of parseToDoubleForNumberType
in NumberInputType::isAcceptableValue to use isfinite() function for checking
whether specified string is valid number or not. Before r117929, return value
of parseToDoubleForNumberType was bool, but after r117929, it is double.

Test: fast/forms/number/input-number-from-renderer.html

html/NumberInputType.cpp:

(WebCore::NumberInputType::isAcceptableValue): Use isfinite()

LayoutTests:

This patch introduced function checkIt() for code sharing and added
more test cases to input-number-commit-valid-only.htm

Layout test controller "WebKitTabToLinksPreferenceKey" setting should be reset to false
otherwise LayoutTests/fast/html/tab-order.html is failing as it has a link inside the test description which might
be included in focus chain (if "WebKitTabToLinksPreferenceKey" setting is set to true).

By using SelectorQuery in Element::webkitMatchesSelector(),
we can not only simplify the code but also improve the performance
thanks to the cache mechanism of SelectorQuery which was implemented
in bug 87942.

The main purpose of this change is reduce size of ewk_view.h/cpp files and make use of ewk_view_context_paint
object by ewk_view_single and ewk_view_tiled instead of direct operations on cairo.
The code is more objective and looks very simple now.
Remove ewk_view_context_paint code from ewk_view h/cpp file and move it to separate new ewk_context_paint file.
The ewk_view_context_paint has been renamed to ewk_context_paint and it is not binded to view on creation time.

query-selector-first.html tests querySelector() for an element
that appears at the head of the document. query-selector-last.html
tests querySelector() for an element that appears at the tail of
the document. In addition, we want a benchmark of querySelector()
for an element that appears in the depths in the document.

This is one step in a larger change to expose a constructor for
EventTarget and put EventTarget on the prototype chain of DOM
objects that are event targets, in line with DOM Core. See
<​https://bugs.webkit.org/show_bug.cgi?id=67312>

query-selector-last.html tests querySelector() for an element
that appears after 1000 div elements, all of which have the same
id and class. To test the performance of querySelector() under
a lot of ids and classes, we should make the ids and classes of
the 1000 elements different.

This patch degrades the performance of query-selector-last.html
by 3.6%.

Some events, such as a 'click' event, can be dispatched on nodes in an orphaned shadow subtree.
When resolving a parent node of a shadow root which is not assigned to any shadow insertion point,
we have to return its shadow host as a parent node.

(JSC::MarkedBlock::sweep): Sweep our weak set before we sweep our other
destructors -- this is our last chance to run weak set finalizers before
we recycle our memory.

heap/MarkedBlock.h:

(JSC::MarkedBlock::resetAllocator):

heap/MarkedSpace.cpp:

(JSC::MarkedSpace::resetAllocators):

heap/MarkedSpace.h:

(JSC::MarkedSpace::resetAllocators): Don't force allocator reset anymore.
It will happen automatically when a weak set is swept. It's simpler to
have only one canonical way for this to happen, and it wasn't buying
us anything to do it eagerly.

heap/WeakBlock.cpp:

(JSC::WeakBlock::sweep): Don't short-circuit a sweep unless we know
the sweep would be a no-op. If even one finalizer is pending, we need to
run it, since we won't get another chance.

heap/WeakSet.cpp:

(JSC::WeakSet::sweep): This loop can be simpler now that
WeakBlock::sweep() does what we mean.

Reset our allocator after a sweep because this is the optimal time to
start trying to recycle old weak pointers.

(JSC::WeakSet::tryFindAllocator): Don't sweep when searching for an
allocator because we've swept already, and forcing a new sweep would be
wasteful.

heap/WeakSet.h:

(JSC::WeakSet::shrink): Be sure to reset our allocator after a shrink
because the shrink may have removed the block the allocator was going to
allocate out of.

EFL WK1 decided to divide up ewk_private.h into each file's XXX_private.h file
in order to maintain internal functions more easily. Bug 73176 is adding new
internal functions to ewk_custom_hanlder.cpp. So, ewk_custom_handler.cpp needs
to have _private.h file as well.

Node::traverseNextAncestorSibling() is called in several inline
functions defined in ContainerNode.h (a private header), so its symbol
needs to be exported regardless of whether full-screen API is enabled.

This cannot be tested with our current infrastructure (or any modifications of the
infrastructure I can think of) since it relies on the bundle being put outside
the build directory where WebKit is put.

WebProcess/InjectedBundle/mac/InjectedBundleMac.cpp:

(WebKit::InjectedBundle::load):
Use SandboxExtension::consumePermanently() rather than consume(), otherwise,
nulling out the SandboxExtension a few lines later invalidates the extension
we just consumed.

Slight speed-up on V8. Big win (up to 50%) on programs that inline very small functions.

This required a bunch of changes:

The obvious change is making CSE essentially ignore whether or not the set of
operations between the Flush and the SetLocal can exit, and instead focus on whether or
not that set of operations can clobber the world or access local variables. This code
is now refactored to return a set of flags indicating any of these events, and the CSE
decides what to do based on those flags. If the set of operations is non-clobbering
and non-accessing, then the Flush is turned into a Phantom on the child of the
SetLocal. This expands the liveness of the relevant variable but virtually guarantees
that it will be register allocated and not flushed to the stack. So, yeah, this patch
is a lot of work to save a few stores to the stack.

Previously, CheckArgumentsNotCreated was optimized "lazily" in that you only knew if
it was a no-op if you were holding onto a CFA abstract state. But this would make the
CSE act pessimistically, since it doesn't use the CFA. Hence, this patch changes the
constant folding phase into something more broad; it now fixes up
CheckArgumentsNotCreated nodes by turning them into phantoms if it knows that they are
no-ops.

Arguments simplification was previously relying on this very strange PhantomArguments
node, which had two different meanings: for normal execution it meant the empty value
but for OSR exit it meant that the arguments should be reified. This produces problems
when set SetLocals to the captured arguments registers are CSE'd away, since we'd be
triggering reification of arguments without having initialized the arguments registers
to empty. The cleanest solution was to fix PhantomArguments to have one meaning:
namely, arguments reification on OSR exit. Hence, this patch changes arguments
simplification to change SetLocal of CreateArguments on the arguments registers to be
a SetLocal of Empty.

Argument value recoveries were previously derived from the value source of the
arguments at the InlineStart. But that relies on all SetLocals to arguments having
been flushed. It's possible that we could have elided the SetLocal to the arguments
at the callsite because there were subsequent SetLocals to the arguments inside of the
callee, in which case the InlineStart would get the wrong information. Hence, this
patch changes argument value recovery computation to operate over the ArgumentPositions
directly.

But that doesn't actually work, because previously, there was no way to link an
InlineStart back to the corresponding ArgumentPositions, at least not without some
ugliness. So this patch instates the rule that the m_argumentPositions vector consists
of disjoint subsequences such that each subsequence corresponds to an inline callsite
and can be identified by its first index, and within each subsequence are the
ArgumentPositions of all of the arguments ordered by argument index. This required
flipping the order in which ArgumentPositions are added to the vector, and giving
InlineStart an operand that indicates the start of that inline callsite's
ArgumentPosition subsequence.

This patch also revealed a nasty bug in the reification of arguments in inline call
frames on OSR exit. Since the reification was happening after the values of virtual
registers were recovered, the value recoveries of the inline arguments were wrong.
Hence using operationCreateInlinedArguments is wrong. For example a value recovery
might say that you have to box a double, but if we had already boxed it then boxing
it a second time will result in garbage. The specific case of this bug was this patch
uncovered was that now it is possible for an inline call frame to not have any valid
value recoveries for any inline arguments, if the optimization elides all argument
flushes, while at the same time optimizing away arguments creation. Then OSR exit
would try to recover the arguments using the inline call frame, which had bogus
information, and humorous crashes would ensue. This patch fixes this issue by moving
arguments reification to after call frame reification, so that arguments reification
can always use operationCreateArguments instead of operationCreateInlinedArguments.

This patch may turn a Flush into a Phantom. That's kind of the whole point. But that
broke forward speculation checks, which knew to look for a Flush prior to a SetLocal
but didn't know that there could alternatively be a Phantom in place of the Flush.
This patch fixes that by augmenting the forward speculation check logic.

Finally, in the process of having fun with all of the above, I realized that my DFG
validation was not actually running on every phase like I had originally designed it
to. In fact it was only running just after bytecode parsing. I initially tried to
make it run in every phase but found that this causes some tests to timeout
(specifically the evil fuzzing ones), so I decided on a compromise where: (i) in
release mode validation never runs, (ii) in debug mode validation will run just
after parsing and just before the backend, and (iii) it's possible with a simple
switch to enable validation to run on every phase.

Luckily all of the above issues were already covered by the 77 or so DFG-specific
layout tests. Hence, this patch does not introduce any new tests despite being so
meaty.

(1) It's not memory-safe with HashMap::set(). HashMap::set() replaces
the value but not the key. Since our values own our keys, we need to
ensure object identity between key and value, or the key can be freed
prematurely. (This is impossible to demonstrate with our current
eager sweep behavior, but it shows up as crashes in layout tests if you
change to lazy sweep.)

(2) It's slower.

bindings/js/DOMWrapperWorld.h:

(WebCore): Override the default hash, which hashes based on characters.

In [WebFrame loadRequest], if the url is invalid and not nil, we transform it to file: url.
However, WebKit client could send down an empty URL that makes us transform it to file: url
as well. We should skip that as we did for nil URLs.

We're supposed to set the action attribute on the form element we just
created. Previously, we assumed the newly created form element would
be on the top of the stack of open elements, but if we're in the table
body insertion mode, the form element gets treated as self closing and
is therefore popped off the stack of open elements.

Fortunately, we already cache a pointer to the most recently inserted
form element on the HTMLConstructionSite, so we can just grab the
element from there.

If a CachedRawResource receives data while a CachedRawResourceCallback
timer is active, the incremental data will be sent to the client, followed
but all data received so far, resulting in invalid data. Resolving this adds
complexity to CachedRawResource and requires making a few more CachedResource
functions virtual, so push the callback logic into CachedResource where it can
be implemented more cleanly.

Test: inspector/debugger/script-formatter-console.html

should no longer be flaky.

loader/cache/CachedRawResource.cpp: CachedRawResourceCallback renamed and moved to CachedResource.

(WebCore::CachedRawResource::didAddClient): More or less the same as sendCallbacks() was.

loader/cache/CachedRawResource.h:

loader/cache/CachedResource.cpp:

(WebCore::CachedResource::addClient): Check the return value of addClientToSet() to determine whether

or not to call didAddClient.

(WebCore::CachedResource::didAddClient): May be called during addClient(), or may be called on a timer.

If called on a timer, move the client between sets.

(WebCore::CachedResource::addClientToSet): Determine whether didAddClient() can be called synchronously and

return true if it can.

(WebCore::CachedResource::removeClient): Ensure we cancel pending callbacks if necessary.
(WebCore::CachedResource::CachedResourceCallback::CachedResourceCallback): Renamed and moved from CachedRawResource.

loader/cache/CachedResource.h:

(WebCore::CachedResource::hasClients): Check m_clientsAwaitingCallback as well as m_clients.
(WebCore::CachedResource::CachedResourceCallback::schedule):
(WebCore::CachedResource::hasClient): Helper for calling contains() on both m_clientsAwaitingCallback and m_clients.

enforcesCSSMIMETypeInNoQuirksMode are not flipped in a user scenario.
If someone changes them, it would be reasonable to expect them
to take the effect only on subsequent document loads.
Thus we do not need to invalidate the cache when these variables are updated.

Consequently, the condition under which we have to invalidate the cache is
that any of the following variables is updated:

baseURI

mode

Tests: fast/dom/SelectorAPI/*. No change in test results.

dom/SelectorQuery.h: SelectorQueryCache is a cache from CSS selectors to parsed results.

SelectorQueryCache::Entry is an entry of the cache.
SelectorQueryCache::Entry holds a SelectorQuery object and a CSSSelectorList object.
The reason why SelectorQueryCache::Entry needs to hold the CSSSelectorList object
is that the CSSSelectorList object keeps the lifetime of CSSSelector objects
in the SelectorQuery object. Since the SelectorQuery object just holds pointers
to CSSSelector objects, the CSSSelectorList object must not be destructed
before the SelectorQuery object is destructed.
(WebCore):
(SelectorDataList):
(WebCore::SelectorQuery::SelectorQuery):
(SelectorQuery):
(SelectorQueryCache):
(WebCore::SelectorQueryCache::SelectorQueryCache):
(Entry):
(WebCore::SelectorQueryCache::Entry::selectorQuery):

dom/SelectorQuery.cpp:

(WebCore::SelectorQuery::initialize):
(WebCore::SelectorQueryCache::Entry::Entry):
(WebCore::SelectorQueryCache::add): Returns a cached SelectorQuery object if any.
Otherwise, parses a given CSS selector, creates a SelectorQuery object,
adds the SelectorQuery object to a new entry in the cache, returns the SelectorQuery
object.
(WebCore::SelectorQueryCache::invalidate): Clears the cache.

dom/Document.h:

(WebCore):
(Document):

dom/Document.cpp:

(WebCore::Document::selectorQueryCache):
(WebCore):
(WebCore::Document::setCompatibilityMode): Invalidates the cache
when m_compatibilityMode is updated.
(WebCore::Document::updateBaseURL): Invalidates the cache
when m_baseURL is updated.

dom/Node.h: Changed String to AtomicString, since the key of the cache

When an element goes fullscreen, its wrapper/container obeys all
BlackBerry specific fixed position customizations: we fixed
against Y, but not X. Then, in order to have the wrapper element
properly positioned when entering fullscreen mode, we
temporarily scroll x to 0.

The way elements go fullscreen with the new FULLSCREEN_API
is that they get cloned and added to an out-of-DOM wrapper
element. The wrapper is a normal fixed position element and
then zoom in/out accordingly to how other layers do: following
WebPage's scale.

When going fullscreen, we have to take the current WebPage scale
into account in order to properly fit the element to the screen,
regardless the web page scale.

Make GraphicsContext3DPrivate use GraphicsSurfaces
for WK2. The GraphicsContext3D then uses the existing
RenderBuffer for multisample rendering.
When WebGraphicsLayer::syncCompositingState is being
executed, the canvas is being synced as well. This means
that the RenderBuffer contents are being blit onto
a GraphicsSurface, and the GraphicsSurface token is
being sent to the UIProcess.
The WebLayerTreeRenderer then creates a
TextureMapperSurfaceBackingStore for the canvas and
passes the GraphicsSurface token as an argument.
The token can then be used to identify the GraphicsSurface
from the UIProcess side.

Reviewed by Noam Rosenthal.

platform/graphics/GraphicsContext3D.h:

Added createGraphicsSurfaces function. This is currently only
being used by the Qt port.

platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:

(WebCore::GraphicsContext3D::reshape):
Calling the createGraphicsSurfaces function when the GraphicsContext3D
is reshaped. This is currently only relevant for the Qt port.

platform/graphics/qt/GraphicsContext3DQt.cpp:

(GraphicsContext3DPrivate):
Added m_frontBufferGraphicsSurface, m_backBufferGraphicsSurface
and m_surfaceFlags members.
(WebCore::GraphicsContext3DPrivate::GraphicsContext3DPrivate):
In case of WK2, create a QOpenGLContext and two GraphicsSurface
for sharing the WebGL content with the UIProcess. One GraphicsSurface
is being used as the front, the other one as the backbuffer.
Creating a QOpenGLContext currently requires showing a QWindow.
For the moment we therefore create a minimal QWindow and place
it offscreen.
(WebCore::GraphicsContext3DPrivate::copyToGraphicsSurface):
This new function is called from the WebGraphicsLayer,
to blit the multisample framebuffer and copy its contents
onto the GraphicsSurface.
(WebCore::GraphicsContext3DPrivate::createGraphicsSurfaces):
Whenever the GraphicsContext3D is being reshaped,
new GraphicsSurfaces must be created with the updated dimensions.
(WebCore::GraphicsContext3D::createGraphicsSurfaces):

(WebKit::WebLayerTreeRenderer::syncCanvas):
(WebKit::WebLayerTreeRenderer::deleteLayer):
(WebKit::WebLayerTreeRenderer::purgeGLResources):
Create a TextureMapperSurfaceBackingStore for the canvas
if necessary and pass or update the graphicsSurfaceToken
for to be used with the backing store.

WebProcess/WebCoreSupport/WebGraphicsLayer.cpp:

(WebCore::WebGraphicsLayer::WebGraphicsLayer):
(WebCore):
(WebCore::WebGraphicsLayer::setContentsToCanvas):
(WebCore::WebGraphicsLayer::syncCanvas):
Copy the multisample framebuffer contents onto the GraphicsSurface.
Notify the UIProcess of the availability of a new texture.
(WebCore::WebGraphicsLayer::syncCompositingStateForThisLayerOnly):
Sync the canvas as well.

WebProcess/WebCoreSupport/WebGraphicsLayer.h:

Added a pure virtual function syncCanvas.
This is guarded by PLATFORM(QT).
(WebGraphicsLayerClient):
(WebGraphicsLayer):

Suppress text diff on http/tests/media/video-buffered.html on Chromium Leopard as
it has been failing on Leopard since it was re-enabled in ​http://trac.webkit.org/changeset/119268.
The failure is tracked by the bug 88160.

kLargeNumber is meant to avoid overflowing when projecting a point through a transform. Unfortunately,
due to FractionalLayoutUnit's diminished range compared to integers, we were overflowing anyways. This
change adjusts our large number by the same value, but adjusted for our denominator.

DFG should not emit unnecessary speculation checks when performing an int32 to double conversion on
a value that is proved to be a number, predicted to be an int32, but not proved to be an int32​https://bugs.webkit.org/show_bug.cgi?id=88146

Fix leak possibly introduced in r118979 - we now will
make sure we clean up any stale temp directories during the
start routine and attempt to clean up again in del. It
turns out that asserting in del logs a message but is
caught by the runtime, so it's mostly useless.

CCTransformKeyframe new owns a WebTransformOperations rather than a
TransformOperations. LayerChromium's API has been changed so that
LayerChromium::addAnimation should take only a CCActiveAnimation.
GraphicsLayerChromium is new responsible for translating to
WebTransformOperations and creating CCActiveAnimations. Tests that use
the public API (that is, they call addAnimation with KeyframeValueList
and Animation arguments) have been moved to GraphicsLayerChromiumTest.

We were checking for invalid QVariants in a very odd way. Since in Qt5 the
userType of invalid changed to not be Void, this broke the tests for QtWebKit
with Qt5. Replace those checks with QVariant::isValid() calls.

paintNinePieceImage() expects un-zoomed results from
calculateImageIntrinsicDimensions(). This was previously addressed by having
paintNinePieceImage() divide the effective zoom out of the result from
calculateImageIntrinsicDimensions(). However, that results in buggy behavior for
generated images and images with percentage sizes. In the end it seems best to
just send a parameter to calculateImageIntrinsicDimensions() indicating whether
the caller wants the result to be scaled by the effective zoom when appropriate.

One big issue with supporting mixed directionality inside a table is that the start / end
borders don't align between table parts anymore: the start border of a ltr table will have
to match the end border of a rtl row group for the purpose of collapsed border computation.

This change adds the concept of adjoining borders in the table direction so that we can safely
hide which exact borders we pick up for the collapsed border computation.

rendering/RenderTable.cpp:

(WebCore::RenderTable::calcBorderStart):
(WebCore::RenderTable::calcBorderEnd):
Refactored those functions to use proper naming along with the new APIs. The name 'adjoining' is
used extensively as we cannot make any assumptions on which borders we will get.

(WebCore::RenderTable::recalcBordersInRowDirection):
Added a FIXME found during testing.

(WebCore::RenderTableSection::borderAdjoiningTableStart):
(WebCore::RenderTableSection::borderAdjoiningTableEnd):
Those functions are the same at the moment to match the existing code. They
will be changed to use the proper directionality in a follow up patch.

rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::firstRowCellAdjoiningTableStart):
(WebCore::RenderTableSection::firstRowCellAdjoiningTableEnd):
Those functions return the cells that is adjoining a table edge. Due to us flipping
the cells at layout to match the section's direction, those functions will need to
account for mixed direction in determining the right cell to consider.

Fix the way lastNode (our insertion point) is updated whenever
traverseNextSibling moves up to a new parent, so that the relative
depth between the next sibling and the original start node is
maintained in the clone. The divergence in depth broke the paragraph
into two paragraphs because the next sibling was inserted outside the
blockquote that was created for the indentation.

Note that the topNode is not required anymore because it is no longer
used anywhere.

Five tests (classEnums, classConstructor, transferInvokable, findObject and
findChildren) were removed since they contained commented code since the file was
added back in 2008. The QObject bridge tests were probably inspired in similar
tests for QtScript, so many features not yet implemented were present in QtWebKit
tests but commented.

platform/mac/mathml/presentation/mo-stretch-expected.txt: Clearly incorrect results were
landed for this test, not sure how that happened (I cannot find these wrong results anywhere
in trunk history).

platform/mac/tables/mozilla/bugs/bug4527-expected.txt: Looks like this test was not updated
with others. The only observable difference is a slightly smaller width of an input field,
which matches what one could expect from the change.

Add TextureMapperSurfaceBackingStore, a new backing store
that allows to import textures from a GraphicsSurface.
On Mac the GraphicsSurface is backed by an IOSurface
which must be used with a GL_TEXTURE_RECTANGLE_ARB texture.
Therefore it is also necessary to add new shader programs
for directly painting these textures on screen.

Reviewed by Noam Rosenthal.

platform/graphics/texmap/TextureMapperBackingStore.cpp:

Add a new TextureMapperBackingStore implementation that can directly
reuse textures as they are being passed from the GraphicsSurface.
(WebCore::TextureMapperSurfaceBackingStore::setGraphicsSurface):
(WebCore::TextureMapperSurfaceBackingStore::texture):
(WebCore::TextureMapperSurfaceBackingStore::paintToTextureMapper):

Add new shader programs that can be used with GL_TEXTURE_RECTANGLE_ARB textures.
This is mainly necessary, because this type of texture uses non-normalized coordinates.
Further move the calls to initializeProgram() from the constructor into a separate
initialize() function, as initializeProgram() calls vertexShaderSource() (and friends)
and we should not call virtual functions in the constructor.
(WebCore::TextureMapperShaderProgram::initialize):
(TextureMapperShaderProgramSimple):
(WebCore::TextureMapperShaderProgramSimple::TextureMapperShaderProgramSimple):
(TextureMapperShaderProgramRectSimple):
(WebCore::TextureMapperShaderProgramRectSimple::TextureMapperShaderProgramRectSimple):
(TextureMapperShaderProgramOpacityAndMask):
(WebCore::TextureMapperShaderProgramOpacityAndMask::TextureMapperShaderProgramOpacityAndMask):
(TextureMapperShaderProgramRectOpacityAndMask):
(WebCore::TextureMapperShaderProgramRectOpacityAndMask::TextureMapperShaderProgramRectOpacityAndMask):
(TextureMapperShaderProgramSolidColor):
(WebCore::TextureMapperShaderProgramSolidColor::TextureMapperShaderProgramSolidColor):

Antialiased clipping in the simple rectangular clip method
leads to edge artifacts when transformations are applied to the layer.
Explicitly disabling antialiased clipping for this function solves this issue.
Comparing Cairo GraphicsContext to Qt and Skia GC, it seems that these
backends do not expect the platform context to clip antialiased in this
case either.

Currently, parent resources are not invalidated when SVGInlineText nodes
are added or removed. Adjusting SVGResourcesCache::clientWasAddedToTree()
and SVGResourcesCache::clientWillBeRemovedFromTree() to cover this case.

Add support in the ChangeLog parser for reviewer names that have
initials in them.

Scripts/webkitpy/common/checkout/changelog.py:

(ChangeLogEntry): Add a new group of regular expressions that need a backreference
in the replacement string. This allows for matching the word characters before a
period, without totally throwing them away.
(ChangeLogEntry._parse_reviewer_text): Use the new regular expression.

Scripts/webkitpy/common/checkout/changelog_unittest.py:

(test_fuzzy_reviewer_match_initial): Add a test for a reviewer name that has an initial.

PR: 142961
When bridge apps were in carousel mode, the backing store was inactive
as its memory had been released. When we rotated the device, we would
call WebPagPrivate:setViewportSize and resume screen and backing store
to render and blit visible contents. As backing store was inactive and
the window usage was GLES2Usage, we were neither doing backing store
rendering nor direct rendering. Therefore, we drew layers directly
based on the invalid texture contents when blitting contents if
accelerated compositing was enabled.
This patch forces compositing mode to let the accelerated compositing
layer take care of the rendering which can update texture contents
before drawing when backing store is inactive and is openGL compositing.

In the case where pageScaleFactor changes, we were calling
setScrollPosition with an incorrect scroll position (i.e. a scroll
position scaled by the pageScaleFactor we hadn't yet applied), then
fixing it by setting the pageScaleFactor and scroll position together,
overwriting the old scroll position. It's cleaner to just set the
pageScaleFactor and scroll position together.

No new tests as this isn't expected to change the ultimate behavior, just clean up how it happens.

Global history delegate is an interface for WebKit clients to manage their own global history store.
The new ewk_view signals do the following:
1) report that a navigation happened within the view and give the navigation details.
2) report that view performed a client redirect and give source and destination uris.
3) report that view performed a server redirect and give source and destination uris.

Asking for characters() of an 8-bit string will make a 16-bit copy internally
in WTF::String. Since we're going to copy the data to QStringData anyways, which
is 16-bit, we can do the conversion ourselves and save one copy.

Instead of copying the QString data when converting to a WTF::String we
make the WTF::String adopt the QString data by introducing a new buffer
ownership type, and pointing the internal WTF::StringImpl 16-bit data
member to the string data managed by QStringData.

We make sure to reference the QStringData when adopting, so that the
data will stay alive, and then dereference it when the WTF::StringImpl
is deleted, which will free the QStringData (either straight away, if
we're the only one holding a reference still, or later, when the ref
count goes to 0).

In the case of going back from a WTF::String to a QString we can cheat
a bit (avoid a copy), if we know that the WTF::String was adopted from
a QString, since it's then just a matter of having the QString adopt
the existing QStringData (just like a regular QString copy).

If the WTF::String buffer is not owned by QStringData, eg a regular
8-bit or 16-bit string/substring, we have to fall back to copying,
as before (though there are potential optimization tricks we can
apply here later on).

from platform/PluginDataEfl.
(PlatformStrategiesEfl::initialize): Initialize platform strategies.
(PlatformStrategiesEfl::PlatformStrategiesEfl):
(PlatformStrategiesEfl::createCookiesStrategy): Return this.
(PlatformStrategiesEfl::createPluginStrategy): Ditto.
(PlatformStrategiesEfl::createVisitedLinkStrategy): Ditto.
(PlatformStrategiesEfl::createPasteboardStrategy): Return 0, since
PasteboardStrategy is only used by mac code for now.
(PlatformStrategiesEfl::notifyCookiesChanged):
(PlatformStrategiesEfl::refreshPlugins): Refresh the plugin
database. Code executes only when NETSCAPE_PLUGIN_API is ON.
(PlatformStrategiesEfl::getPluginInfo): Initialize plugins and
populate the given vector with plugins information. Code executes
only when NETSCAPE_PLUGIN_API is ON.
(PlatformStrategiesEfl::isLinkVisited): Return whether the given
hash is a visited link of the page group.
(PlatformStrategiesEfl::addVisitedLink): Add the given hash to the
page group visited links.

This ASSERT was introduced in ​http://trac.webkit.org/changeset/97402
together with a branch that handled the case of the ASSERT firing.
This ASSERT fires when running tests on Android (which runs with
ASSERTs enabled). The ASSERT appears to be bogus, so this patch removes
it.

We process the HTTP headers for a response after we create a document
object for the response. Previously, the SecurityOrigin of a document
was determined when the document was created, which meant that the
sandbox directive in CSP couldn't create a unique origin.

In this patch, we transition to a unique origin when we start enforcing
the SandboxOrigin bit. This patch is more complicated than you might
expect because we redundantly store the SecurityOrigin object in
DOMWindow. Removing that redundant state is​https://bugs.webkit.org/show_bug.cgi?id=75793.

Added allocated and used sizes of page render arenas to the memory
report returned by the InspectorMemoryAgent. Total allocated size of
the inspected page's render arenas will be displayed on the memory
pie-chart.

We need to use disabeld() instead of m_disabled to calculate
willValidate property. Also, we need to update willValidate if
necessary.

Test: fast/forms/fieldset/validation-in-fieldset.html

html/HTMLFieldSetElement.cpp:

(WebCore::HTMLFieldSetElement::disabledAttributeChanged):

Do not traverse this.

Calls ancestorDisabledStateWasChanged() instead of
setNeedsStyleRecalc() because we'd like to do additional tasks.

html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::ancestorDisabledStateWasChanged):
Added. Just calls disabledAttributeChanged().
(WebCore::HTMLFormControlElement::parseAttribute):
Do not call setNeedsWillValidateCheck() whenever an attribute is updated.
It should be called only if disabled or readonly attribute is updated.
(WebCore::HTMLFormControlElement::disabledAttributeChanged):
Add setNeedsWillValidateCheck(). It was moved from parseAttribute().
(WebCore::HTMLFormControlElement::insertedInto):
Invalidate ancestor information.
(WebCore::HTMLFormControlElement::recalcWillValidate):
Use disabled() instead of m_disabled. disabled() takes care of
ancestor's disabled state.